Improving the TCPA Specification
Computer
Dynamic Self-Checking Techniques for Improved Tamper Resistance
DRM '01 Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management
Protecting Software Code by Guards
DRM '01 Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management
Understanding Trusted Computing: Will Its Benefits Outweigh Its Drawbacks?
IEEE Security and Privacy
Practical server privacy with secure coprocessors
IBM Systems Journal - End-to-end security
Proceedings of the 11th ACM conference on Computer and communications security
A Generic Attack on Checksumming-Based Software Tamper Resistance
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
On obfuscating point functions
Proceedings of the thirty-seventh annual ACM symposium on Theory of computing
Peer-to-peer access control architecture using trusted computing technology
Proceedings of the tenth ACM symposium on Access control models and technologies
Hardware-Assisted Circumvention of Self-Hashing Software Tamper Resistance
IEEE Transactions on Dependable and Secure Computing
Semantic remote attestation: a virtual machine directed approach to trusted computing
VM'04 Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium - Volume 3
Hi-index | 0.00 |
The Trusted Computing Group (TCG) defines the specifications for the Trusted Platform Module (TPM) and corresponding trust mechanisms that allow a TPM-enabled platform to run only authenticated software. For example, the operating system (OS) can use the facilities provided by the TPM to authenticate a Digital Rights Management (DRM) application before allowing it to run. However TCG does not provide any clear specification on what kind of software can be regarded as trusted and hence be authenticated. In fact it is unlikely that there will be a clear line between the software that should be authenticated and those should not, e.g., debugger for developing binary codes and Internet browser for running applets. This leaves a grey area where even authenticated software may be exploited for malicious usage. This paper investigates the security of DRM applications in a relaxed scenario where users have larger purview. We present two attacks: abuse attack and injection attack where some reasonably authenticated software can be exploited for stealing protected contents. In the abuse attack, an attacker uses an authenticated debugger to monitor the internal state of a DRM application for the purpose of violating the access privilege in the application. In the injection attack, an adversary is able to make malicious modifications on an original DRM application at will. These two attacks demonstrate that it is not straightforward to impose DRM in a TPM-enabled system. To counter the attacks, we provide the OS-encapsulation scheme which ensures that only the genuine OS can start the DRM application. Our scheme is an enhancement of security for TPM-enabled DRM in a loose but more practical environment, where people are allowed to use the debugger, web browser, etc.